Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ee4d823-9869-449e-9541-10a647125e4a.roa
File: 4ee4d823-9869-449e-9541-10a647125e4a.roa (raw, json)
Hash identifier: tO/pHkfk3lXGihbAWH0b8eUdUc6q0fzf/+vyOY9B3Ug=
Subject key identifier: 99:C6:83:31:C9:8D:79:76:7A:2A:5A:8F:D0:06:86:CD:20:C0:3D:07
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 627B80384163C3D4446886ED8DD88910184B361F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ee4d823-9869-449e-9541-10a647125e4a.roa
Signing time: Fri 11 Jul 2025 19:20:44 +0000
ROA not before: Fri 11 Jul 2025 19:20:44 +0000
ROA not after: Fri 15 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:7b:80:38:41:63:c3:d4:44:68:86:ed:8d:d8:89:10:18:4b:36:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jul 11 19:20:44 2025 GMT
Not After : Aug 15 23:59:59 2025 GMT
Subject: serialNumber=3b77ea5fa4627e016cedd7580b11bf4d517e42c0980498b6930dee9a5d93029f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5f:47:4c:41:d3:81:88:64:fb:72:42:c6:e6:
70:c0:28:92:3d:02:66:ad:b0:09:85:47:0f:a7:3e:
28:cf:e2:37:10:47:8a:37:dc:53:58:f7:26:05:26:
03:1a:bc:47:be:e6:0d:b6:b2:4e:02:a4:ea:04:bb:
d0:28:6c:3f:ac:90:cb:79:30:83:1c:aa:e6:b3:fc:
c6:e2:b5:c5:f5:e8:7a:ca:ff:65:75:1a:20:9b:01:
20:fa:ff:fe:85:56:3f:b6:97:a0:6a:ef:00:8c:06:
64:e6:da:55:af:24:e1:c8:99:eb:1d:28:b8:0a:1e:
2b:63:6f:d8:15:6c:60:1c:be:75:72:6a:dc:94:66:
31:92:e6:45:12:c1:7c:67:da:3c:dd:4c:0a:22:0a:
ac:ec:b8:83:b7:8c:dd:7a:81:f2:3d:1a:26:71:b6:
eb:cc:be:a7:1c:f1:ff:1c:6e:70:a0:40:17:38:97:
c0:ce:f1:b0:ee:82:c2:6d:9d:cc:4e:68:cb:be:6b:
ee:3a:fb:1a:25:e7:d9:e7:2d:8a:66:5f:7d:7e:9c:
99:42:a1:a7:3c:1b:a2:a4:87:91:4f:4c:f4:0c:fa:
5a:f8:b9:a3:ce:f7:b1:57:fe:c3:8b:55:02:78:3f:
ef:65:5d:38:86:d6:1c:5c:95:68:a9:51:d7:18:80:
5c:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:C6:83:31:C9:8D:79:76:7A:2A:5A:8F:D0:06:86:CD:20:C0:3D:07
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4ee4d823-9869-449e-9541-10a647125e4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
48:7b:cb:c5:79:2b:bf:19:9d:c5:cf:d4:fd:dd:15:fb:26:aa:
37:c7:fc:21:42:5c:0e:76:8e:83:83:51:21:2d:e9:b1:0b:a3:
7f:9a:60:97:22:ca:c6:77:5a:f4:3e:71:8a:fd:f0:a6:b0:ce:
25:fd:bc:f2:84:00:12:fb:be:f0:65:c0:82:da:24:bc:c9:66:
ce:97:ce:ca:3c:83:39:62:3b:41:34:17:e6:3e:c1:8a:ee:97:
fb:da:4c:80:b6:ee:77:e2:f7:93:98:3d:1d:c0:3b:d1:b1:bc:
3b:40:d2:7a:29:20:3f:77:3d:28:04:42:89:a0:38:83:66:80:
64:70:92:7c:f9:dd:94:06:a9:64:7c:ab:91:d6:0d:8d:cc:85:
33:61:6b:1e:20:bd:ce:d2:b1:f6:ee:57:6b:d8:c1:7a:ce:85:
92:29:77:85:f9:a1:af:85:e5:bf:19:aa:97:e4:34:44:8d:ad:
3b:c1:61:dc:29:0c:a5:b5:6b:f5:f5:43:eb:56:8b:c8:dd:80:
ca:54:09:cd:14:b6:95:59:3d:a2:dc:80:8d:ea:f8:cc:95:f8:
93:72:dc:ce:22:41:83:90:a5:5c:7d:91:06:86:da:32:ef:09:
2c:98:7a:57:3d:d8:fe:85:4a:54:a6:45:24:14:d4:37:b7:28:
d2:9b:62:1d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYnuAOEFjw9REaIbtjdiJEBhLNh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA3MTExOTIwNDRaFw0yNTA4MTUyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNzdlYTVmYTQ2MjdlMDE2Y2VkZDc1ODBiMTFiZjRkNTE3ZTQyYzA5ODA0
OThiNjkzMGRlZTlhNWQ5MzAyOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRfR0xB04GIZPtyQsbmcMAokj0CZq2wCYVHD6c+KM/iNxBHijfcU1j3JgUm
Axq8R77mDbayTgKk6gS70ChsP6yQy3kwgxyq5rP8xuK1xfXoesr/ZXUaIJsBIPr/
/oVWP7aXoGrvAIwGZObaVa8k4ciZ6x0ouAoeK2Nv2BVsYBy+dXJq3JRmMZLmRRLB
fGfaPN1MCiIKrOy4g7eM3XqB8j0aJnG268y+pxzx/xxucKBAFziXwM7xsO6Cwm2d
zE5oy75r7jr7GiXn2ectimZffX6cmUKhpzwboqSHkU9M9Az6Wvi5o873sVf+w4tV
Ang/72VdOIbWHFyVaKlR1xiAXNUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSZxoMx
yY15dnoqWo/QBobNIMA9BzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVlNGQ4MjMtOTg2OS00NDllLTk1NDEtMTBhNjQ3MTI1ZTRhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/A
MA0GCSqGSIb3DQEBCwUAA4IBAQBIe8vFeSu/GZ3Fz9T93RX7Jqo3x/whQlwOdo6D
g1EhLemxC6N/mmCXIsrGd1r0PnGK/fCmsM4l/bzyhAAS+77wZcCC2iS8yWbOl87K
PIM5YjtBNBfmPsGK7pf72kyAtu534veTmD0dwDvRsbw7QNJ6KSA/dz0oBEKJoDiD
ZoBkcJJ8+d2UBqlkfKuR1g2NzIUzYWseIL3O0rH27ldr2MF6zoWSKXeF+aGvheW/
GaqX5DREja07wWHcKQyltWv19UPrVovI3YDKVAnNFLaVWT2i3ICN6vjMlfiTctzO
IkGDkKVcfZEGhtoy7wksmHpXPdj+hUpUpkUkFNQ3tyjSm2Id
-----END CERTIFICATE-----
Generated at Tue Jul 22 21:44:20 2025 by rpki-client